Date: Fri, 1 Mar 2002 00:07:39 -0500
From: "Joe & Fhe Barbish" <barbish@a1poweruser.com>
To: <moth21@hotmail.com>, "Aaron Hill" <fbsdlist@futureuse.net>
Cc: "FBSDQ" <questions@FreeBSD.ORG>
Subject: RE: NATD PCANYWHERE!
Message-ID: <LPBBIGIAAKKEOEJOLEGOAEEMCJAA.barbish@a1poweruser.com>
In-Reply-To: <14981.203.11.225.5.1014953362.squirrel@www.futureuse.net>

I just finished setting up PCanywhere on 5 winboxes on the lan behind an
ipfw firewall. Any one of those 5 winboxes can get a host or remote
connection with each other and can call out as a remote to any host on
the public internet. With Pcanywhere the remote takes over control of
the host.

These are the rules I use.

# Allow out PCanywhere software product
$fwcmd add 00740 allow udp from $iip to any 22,5632 out via $oif keep-state
$fwcmd add 00741 allow tcp from $iip to any 5631 out via $oif setup keep-state

Where $iip is the IP address range of the lan winboxes.

I do not have a natd divert rule in my rules because it was creating
packet mis-matches in the advanced stateful check-state/keep-state
dynamic rules. I use user ppp -nat for public to private and back again
ip address translation.

Now seeing what you 2 are talking about makes me curious about what you
are doing and why? Could you please explain?

Thanks
Joe

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Aaron Hill
Sent: Thursday, February 28, 2002 10:29 PM
To: moth21@hotmail.com
Cc: questions@freebsd.org
Subject: Re: NATD PCANYWHERE!

> Hello,
>
> I have FreeBSD 4.5 with natd/ipfw, all I want to do is redirect
> pcanywhere traffic. Internet traffic is routing correctly.
>
> Here is my /etc/natd.conf
> interface dc1
> use_sockets yes
> same_ports yes
>
> redirect_port tcp x.x.x.x:5631 x.x.x.x:5631
> redirect_port tcp x.x.x.x:5632 x.x.x.x:5632
>
> And here is my handy script I wrote
> #!/bin/sh
> natd -f /etc/natd.conf
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via dc1
> /sbin/ipfw add pass all from any to any
>
> What gives? I get Connection Refused...

Douglas,

Here's how I've got it working. You need these lines in /etc/natd.conf

...
# Allow incoming traffic on that NAT address
deny_incoming no

# pcAnywhere
redirect_port tcp xxx.xxx.xxx.xxx:5631 5631
redirect_port udp xxx.xxx.xxx.xxx:5632 5632
...

where xxx.xxx.xxx.xxx is the IP address of your PC-Anywhere host.

Your firewall rules look OK. I think the problem is you are allowing TCP
5632 when you actually need UDP 5632.

>
> Thanks,
>
> Douglas A. Maske
> Consultant
> All Bases Covered, Inc.
>

Aaron Hill.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
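
Added example, not part of the original e-mail thread: a small lint for natd.conf that flags the protocol mismatch discussed above (the thread's port assignment is 5631 over TCP and 5632 over UDP). The function name check_natd_pcanywhere is hypothetical, and the sample input is the natd.conf from the quoted question.

```shell
#!/bin/sh
# check_natd_pcanywhere FILE
# Lints redirect_port lines against the pcAnywhere ports named in the
# thread (5631/tcp, 5632/udp). Prints findings; returns 1 if any.
check_natd_pcanywhere() {
    awk '
    BEGIN { want["5631"] = "tcp"; want["5632"] = "udp" }
    { sub(/#.*/, "") }                       # strip comments
    $1 == "redirect_port" && NF >= 4 {
        # redirect_port proto target [aliasIP:]aliasPORT[-aliasPORT]
        n = split($4, a, ":"); m = split(a[n], r, "-")
        lo = r[1] + 0; hi = (m > 1 ? r[2] : r[1]) + 0
        for (p in want) {
            if (p + 0 < lo || p + 0 > hi) continue
            seen[p] = seen[p] " " $2         # protocols redirected for p
            if ($2 != want[p]) {
                printf "line %d: port %s redirected as %s, expected %s\n", NR, p, $2, want[p]
                bad = 1
            }
        }
    }
    END {
        for (p in want)
            if (index(seen[p] " ", " " want[p] " ") == 0) {
                printf "missing: redirect_port %s for port %s\n", want[p], p
                bad = 1
            }
        exit bad + 0
    }' "$1"
}

# Sample input: the natd.conf from the question quoted in the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
interface dc1
use_sockets yes
same_ports yes

redirect_port tcp x.x.x.x:5631 x.x.x.x:5631
redirect_port tcp x.x.x.x:5632 x.x.x.x:5632
EOF
check_natd_pcanywhere "$sample" || echo "natd.conf needs fixing"
rm -f "$sample"
```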